How to speed up the DNS?

Len Conrad LConrad at Go2France.com
Mon Feb 11 02:51:50 UTC 2002



>I have just set up a DNS(bind 8.23) server for one company.

that's a vulnerable version, upgrade to 8.3.1

>I found it slow to solve the names that are not in the db of DNS but can 
>quickly respond to the correct ones.
>
>eg
>  ping a.b.c.d (a.b.c.d is no entry in db of dns)  very slowly cost about 
> 1 min

"recursive" queries take 1 minute

>  ping ok.co.jp (ok.co.jp can be solved by the dns server) very quickly

authoritative queries, instantaneous

>I think the root.cache file may cause the delay.

no.  you at least have a root.cache file, because recursive queries work

>Because the dns server is still used in the internal and can not access 
>outside.

then how can it resolve any recursive queries?

>Every query tries every server in the file.

tries every server in the root.cache file?

on the bind machine, what does

traceroute 198.41.1.245

and

traceroute 202.12.27.33

... show?

"normally", your named should home in on  202.12.27.33 as having the lowest 
RTT.

turn on named logging with print time, here's a sample bind8 logging 
statement, adjust the path :

logging
{
  channel my_file {file "c:/winnt/system32/dns/etc/named.run"; severity debug; print-time yes; };
  category default {my_file;};
  category panic {my_file;};
  category packet {my_file;};
  category eventlib {my_file;};
  category queries {my_file;};
  category lame-servers { null;};
  category cname { null;};
};

and run

ndc trace

then, do a query you know is slow, and look in named.run and 
see at what step(s) the delays are.

repeat until you know where the delays are.

ndc notrace

... to turn off trace logging

Len


http://MenAndMice.com/DNS-training
http://BIND8NT.MEIway.com : ISC BIND 8.2.4 for NT4 & W2K
http://IMGate.MEIway.com  : Build free, hi-perf, anti-abuse mail gateways
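
Added example, not part of the original message: a small script that reads a named.run written with "print-time yes" and lists the longest pauses between consecutive log lines, which is the "at what step(s) the delays are" check described above. The timestamp layout (dd-Mon-yyyy hh:mm:ss.mmm) is an assumption, and the sample lines are constructed with placeholder message text, not real named output.

```python
import re
import sys
from datetime import datetime

# Timestamp prefix written when a channel has "print-time yes;".
# Assumed layout: 11-Feb-2002 02:40:00.100 (adjust if your log differs).
TS = re.compile(r"^(\d{2}-[A-Za-z]{3}-\d{4} \d{2}:\d{2}:\d{2}\.\d{3}) ")

# Constructed sample; the bracketed text stands in for real debug messages.
SAMPLE = """\
11-Feb-2002 02:40:00.100 <placeholder: step 1>
11-Feb-2002 02:40:00.105 <placeholder: step 2>
11-Feb-2002 02:40:04.110 <placeholder: step 3>
11-Feb-2002 02:40:12.115 <placeholder: step 4>
    continuation line without a timestamp
11-Feb-2002 02:40:28.120 <placeholder: step 5>
11-Feb-2002 02:41:00.130 <placeholder: step 6>
"""

def find_gaps(text, threshold=1.0):
    """Return (seconds, line_before, line_after) for each pause >= threshold,
    longest pause first."""
    gaps, prev_time, prev_line = [], None, None
    for line in text.splitlines():
        m = TS.match(line)
        if not m:
            continue  # untimestamped continuation lines carry no timing
        t = datetime.strptime(m.group(1), "%d-%b-%Y %H:%M:%S.%f")
        if prev_time is not None:
            delta = (t - prev_time).total_seconds()
            if delta >= threshold:
                gaps.append((round(delta, 3), prev_line, line))
        prev_time, prev_line = t, line
    return sorted(gaps, key=lambda g: g[0], reverse=True)

if __name__ == "__main__":
    # Pass the path to named.run as the first argument; with no argument
    # the constructed sample above is analysed instead.
    text = open(sys.argv[1]).read() if len(sys.argv) > 1 else SAMPLE
    for secs, before, after in find_gaps(text):
        print(f"{secs:8.3f}s  after: {before}")
        print(f"{'':9}  next:  {after}")
```

The line printed as "after" is the last thing named logged before it stalled, so that is the step to look at first.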


